Legal claims defining the scope of protection, as filed with the USPTO.
1. A system to securely perform a firmware update on a computing system, the system comprising: a computer system firmware update package comprising a new firmware for a Trusted Execution Environment (TEE), a security extension to isolate the TEE; and a firmware update system to run in the TEE, wherein the TEE continues to operate normally while the firmware update system performs integrity, authenticity validation and management of the computer system firmware update package, creates a Stage Trusted Execution Environment (STEE) to replace the TEE, copies the TEE into the STEE, applies the new firmware to the STEE, and updates a boot configuration to start the STEE as the TEE, wherein the firmware update system validates the STEE after applying the new firmware and prior to updating the boot configuration to start the STEE as the TEE.
2. The system as claimed in claim 1 further comprising a Bootloader that validates the TEE each time when the computing system starts and loads the TEE after successful validation.
3. The system as claimed in claim 1 further comprising a Bootloader that detects a failed or damaged TEE and removes the TEE.
4. The system as claimed in claim 1 wherein the system comprises limited hardware resources.
5. The system as claimed in claim 1 wherein the firmware update system migrates a configuration of the TEE to the STEE.
6. The system as claimed in claim 1 wherein the TEE functions as a backup to the STEE.
7. The system as claimed in claim 1 further comprising restarting the device to boot the new TEE.
Unknown
June 30, 2020
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.